MFA & 2SV
Multifactor Authentication and 2-Step Verification
Multifactor Authentication and 2-Step Verification both refer to increased protections that are required for Staff accounts. The terms can be used interchangeably when discussing the topic and are commonly abbreviated as MFA and 2SV. For the purpose of this website, we will use the "2SV" terminology because this is what you are most likely to encounter when utilizing the technology with Google.
What is 2SV?
2-Step Verification adds an additional layer of security to Google account sign-ins. It reduces the risk that a malicious actor can sign into your account because they know or guess your password by prompting for additional information that only you are likely to provide.
Traditionally, when you sign in to your account, you only enter your password. With 2SV, you will also use something you have (such as a smartphone or security key) or something you are (such as biometrics) to complete the sign-in process.
Why should I set up 2SV?
You should set up 2SV because doing so makes it very hard for anyone to take over your Google account remotely. This can help to ensure that sensitive information - such as student education records, staff reports, and financial records - is kept safe. In most cases, you would be unaware that a malicious actor has taken over your account until it is too late. 2SV can give you the peace of mind that your account is incredibly secure from phishing scams and ransomware attacks. According to Google, they have seen a 50% decrease in accounts being compromised among users who have enabled 2SV.
Am I required to use 2sv with my slrsd account?
Yes. In additional to it being a good security practice that we believe in and practice within the technology department, our insurance provider is now requiring that we implement additional security requirements on all of our staff accounts.
When must I set up 2sv with my slrsd account?
All staff accounts will need to be enrolled in 2SV no later than June 9, 2023. New staff accessing their accounts after this date are given a 2-week grace period (from the day they first sign in to Google) to set up 2SV.
What happens if I do not set up 2SV?
If you have not set up 2SV on your SLRSD Google account by the deadline, you will lose access to your SLRSD Google account. Please enter a helpdesk ticket if this has happened to you and we will do our best to assist you in enrolling in 2SV.
I received a message about enrolling in 2SV, what should I do?
If you received a message that reads "Don't get locked out! Your domain requires enrollment in 2-step verification." this means that you have not yet completed 2SV setup. You can click the "Enroll" button or follow the steps below to set up your 2SV.
Can I set up 2sv with other accounts?
Though the requirement is for SLRSD-issued Google accounts, we do recommend setting up 2SV or MFA with any account that supports it. Google encourages 2SV for personal Gmail accounts, and many accounts you may already have to manage your finances likely support the technology. We highly recommend learning about your options for personal accounts as you navigate the requirement for your SLRSD-issued Google account.
How do I set up 2sv?
Continue reading below, or jump here to the full directions.
How Do I sign in with 2sv?
Generally-speaking, your sign in process does not change. You will be signed in to your Google account automatically or after entering your password, just as you are currently used to. The exception to this would be when a 2-Step Verification prompt is required. You may notice this in the following circumstances:
You have just set up 2SV and are attempting your first Sign In to Google
You are signing in to a device that has not been added to your "trusted devices" list
You have recently changed your SLRSD password
It has been a few weeks since you last received a 2SV prompt
You have recently cleared your cache and cookies, or have switched to a different web browser
Google or IT suspects your account has been compromised
What if I don't want to use my phone for 2sv?
This is not a problem as there are a number of options. It is important to consider that 2SV is an authentication process, not a communication process, and therefore using your personal device for authentication would not fall subject to a public records request. Though a phone number is required to set up 2SV, it can be removed after you have completed set up. You can generate a set of backup codes to log into your account (but as they are single-use, you will likely need to generate more from time-to-time). Alternatively, your classroom phone can be set up to receive outside calls during the school day or alternate verification methods can be accommodated. Please submit a helpdesk ticket and we will be happy to discuss solutions!
What do I do if I've lost my backup codes?
If you have lost your backup codes, we recommend revoking them and generating a new set of codes. This process can also be used to generate new codes when you are running low on backup codes. In the backup codes section of your Account Security page, you can click on the circular arrow icon to revoke your current set of backup codes and generate a new set.
What do I do if I've lost my Phone?
If you have lost your phone, we recommend changing your SLRSD password.
I set up 2SV, but now I no longer can access Mail on my phone/tablet. What can I do to resolve this?
Due to the additional security requirements of 2SV, built-in Mail apps (such as Apple Mail on iOS or Samsung Mail on Android) are not able to be used. We have always recommended and only supported the official Gmail app from Google for accessing SLRSD email on a smart device. Apple users can download the Gmail App from the App Store, and Android users that do not already have the Gmail app pre-installed can download it from the Play Store.
I need help - who should I reach out to?
Please submit a helpdesk ticket and we will work together to provide as solution as soon as possible.
Popcorn Time!
Feel free to browse through these videos, which are a mix of cybersecurity warnings - including real-world takeovers by malicious actors that could have been prevented by universal 2SV adoption. We hope that you find them interesting. (The setup information for 2SV follows the videos.)